e6f7e2e8db3402f409f57180d1d0cdd35a1c355e12052c3299625b966df07f5a

Sharing

Copy URL Twitter E-mail

General

Target

e6f7e2e8db3402f409f57180d1d0cdd35a1c355e12052c3299625b966df07f5a
Size

80KB
MD5

92e73b7bd3b67db7e01c2da52a6e1e3e
SHA1

47b068c38c31d3f3c478c800a83298b1215f9161
SHA256

e6f7e2e8db3402f409f57180d1d0cdd35a1c355e12052c3299625b966df07f5a
SHA512

c0afac0defc465ea0f7a50161e243ac1927863bfa0cd39c977f9967c0d3778e43b2245ea31f63dcc01016d6216d757211f0fa2e62894702c415110bcc95a2cbf
SSDEEP

1536:Xo1mrO7QW4nJAAvKDkSsZN/zSYsNkRTZ2ylbE:YB7QJZvaZsZN/zSYsNkRTZ2ybE

Score

N/A

Malware Config

Signatures

Files

e6f7e2e8db3402f409f57180d1d0cdd35a1c355e12052c3299625b966df07f5a
.dll regsvr32 windows x86

261064730edfb758a9bba4eb92469de9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2396
ord5199
ord3346
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4003
ord540
ord1601
ord4622
ord5300
ord290
ord2623
ord1206
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord535
ord859
ord939
ord940
ord6877
ord860
ord800
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord5302
ord4079
ord4698
ord5307
ord5289
ord4226
ord5500
ord1132
ord1131
ord2915
ord941
ord537
ord6354
ord5714
ord3262
ord3081
ord3738
ord561
ord815
ord1223
ord823
ord825
ord743
ord446
ord2486
ord1089

msvcrt

wcscpy
wcschr
wcsncpy
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
atoi
strrchr
strchr
wcstombs
_wcsnicmp
_wcsicmp
wcsncmp
_snwprintf
wcstoul
wcslen
wcscmp
__CxxFrameHandler
_EH_prolog
__dllonexit

kernel32

Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
VirtualFree
VirtualAlloc
Sleep
ReadFile
GetFileSize
CreateFileW
WaitForSingleObject
OpenThread
SetEvent
WaitForMultipleObjects
CreateThread
CreateEventW
GetCurrentThreadId
TlsAlloc
GetModuleFileNameW
TlsFree
GetProcAddress
GetModuleHandleW
VirtualQuery
TlsSetValue
TlsGetValue
DeleteFileW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
LocalAlloc
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentVariableA
lstrlenA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileAttributesW
WideCharToMultiByte
GetTempPathW
GetEnvironmentVariableW
GetLastError
IsDebuggerPresent
SetLastError

user32

IsIconic
IsZoomed
IsWindowUnicode
GetWindowTextLengthW
EnumWindows
EnumChildWindows
GetCursorPos
WindowFromPoint
UnregisterClassW
RegisterClassExW
MapVirtualKeyA
SetWindowLongW
AdjustWindowRectEx
SetWindowPos
CreateWindowExW
PostMessageW
TranslateMessage
DispatchMessageW
SendMessageW
GetGUIThreadInfo
GetWindowInfo
IsWindowEnabled
ShowWindow
OpenIcon
SetForegroundWindow
PostQuitMessage
GetWindowThreadProcessId
IsWindowVisible
GetClassNameW
GetWindowTextW
DefWindowProcA
SendMessageTimeoutW
GetAncestor
GetIconInfo
GetWindowRect
GetWindowDC
ReleaseDC
SendMessageTimeoutA
InvalidateRect
GetSystemMetrics
IsRectEmpty
GetMenu
GetDesktopWindow
GetWindowLongW
GetParent
GetWindow
UpdateWindow
SetLayeredWindowAttributes
SetWindowRgn
GetWindowRgn
ClientToScreen
ScreenToClient
SetRect
EndPaint
FillRect
GetClientRect
BeginPaint
DefWindowProcW
LoadCursorA
LoadImageW
CallWindowProcW
GetClassInfoExW
GetAsyncKeyState
IsWindow
DestroyWindow
SetTimer
SetWindowTextW
GetClassLongW
FlashWindow
MoveWindow
KillTimer
GetMessageW

gdi32

CreateFontW
GetTextExtentExPointW
SetBkMode
CreateSolidBrush
ExtSelectClipRgn
GetTextMetricsW
SetROP2
TextOutW
SetTextColor
CreateCompatibleDC
CreateDIBSection
BitBlt
ExtCreateRegion
CombineRgn
DeleteDC
CreateRectRgn
CreateRectRgnIndirect
GetObjectA
GetDIBits
CreatePen
SelectObject
Rectangle
DeleteObject
StretchBlt
GetStockObject
CreateCompatibleBitmap

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VariantInit
VariantCopyInd
VariantClear
VariantChangeType
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
VariantCopy

psapi

GetModuleBaseNameW
GetModuleFileNameExW

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

ole32

CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

261064730edfb758a9bba4eb92469de9

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

oleaut32

psapi

advapi32

ole32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB